fixed use of uninitialized data
When card->sm_ctx.ops.free_sm_apdu gets called in sc_sm_single_transmit with a prior transmission error, then `sm_encrypt` still tries to decrypt the response and hence, accesses the previously uninitialized `resp`.
This commit is contained in:
parent
a6ee84f13d
commit
6f0f42c506
|
@ -491,7 +491,7 @@ static int sm_encrypt(const struct iso_sm_ctx *ctx, sc_card_t *card,
|
||||||
sm_apdu->resplen = SC_MAX_APDU_BUFFER_SIZE;
|
sm_apdu->resplen = SC_MAX_APDU_BUFFER_SIZE;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
resp_data = malloc(sm_apdu->resplen);
|
resp_data = calloc(sm_apdu->resplen);
|
||||||
if (!resp_data) {
|
if (!resp_data) {
|
||||||
r = SC_ERROR_OUT_OF_MEMORY;
|
r = SC_ERROR_OUT_OF_MEMORY;
|
||||||
goto err;
|
goto err;
|
||||||
|
|
Loading…
Reference in New Issue